Skip to main content

Woocommerce Cart Abandonment Recovery

2 CVEs product

Monthly

CVE-2026-39470 HIGH PATCH This Week

Privilege escalation in the WooCommerce Cart Abandonment Recovery WordPress plugin before version 2.1.0 allows an authenticated shop manager to elevate privileges beyond their intended role on affected WordPress sites. The flaw, tracked as CWE-266 (Incorrect Privilege Assignment), carries a CVSS 7.2 (High) score and has a vendor-released patch in 2.1.0, with no public exploit identified at time of analysis.

Privilege Escalation WordPress Woocommerce Cart Abandonment Recovery
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-2322 MEDIUM POC This Month

The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2.27 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Woocommerce Cart Abandonment Recovery
NVD WPScan
CVSS 3.1
6.8
EPSS
0.4%
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Privilege escalation in the WooCommerce Cart Abandonment Recovery WordPress plugin before version 2.1.0 allows an authenticated shop manager to elevate privileges beyond their intended role on affected WordPress sites. The flaw, tracked as CWE-266 (Incorrect Privilege Assignment), carries a CVSS 7.2 (High) score and has a vendor-released patch in 2.1.0, with no public exploit identified at time of analysis.

Privilege Escalation WordPress Woocommerce Cart Abandonment Recovery
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2.27 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Woocommerce Cart Abandonment Recovery
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy